Falhas do tipo CWE-20

4.749 resultados
CVE-2022-2145MEDIUMCloudlfare WARP Arbitrary File OverwriteEPSS 0.3%CVE-2026-26953MEDIUMPi-hole Web Interface has Stored HTML Injection via X-Forwarded-For Header in Active Sessions TableEPSS 0.3%CVE-2024-27896HIGHInput verification vulnerability in the log module. Impact: Successful exploitation of this vulnerability can affect integrity.EPSS 0.3%CVE-2026-13893MEDIUMInsufficient validation of untrusted input in WebUI in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin dEPSS 0.3%CVE-2026-13797CRITICALInsufficient validation of untrusted input in Chromecast in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromisEPSS 0.3%CVE-2025-40846HIGHHaloITSM open redirect via the returnUrlEPSS 0.3%CVE-2026-13777HIGHInsufficient validation of untrusted input in iOSWeb in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to potentiallyEPSS 0.3%CVE-2026-30078HIGHOpenAirInterface V2.2.0 AMF crashes when it receives an NGAP message with invalid procedure code or invalid PDU-type. For example when the mEPSS 0.3%CVE-2025-15606HIGHDenial of Service (DoS) in HTTPD Input Handling on TP-Link TD-W8961NEPSS 0.3%CVE-2024-52592MEDIUMMissing validation allows spoofed poll updates in MisskeyEPSS 0.3%CVE-2020-35509MEDIUMA flaw was found in keycloak affecting versions 11.0.3 and 12.0.0. An expired certificate would be accepted by the direct-grant authenticatoEPSS 0.3%CVE-2025-1080HIGHMacro URL arbitrary script executionEPSS 0.3%CVE-2026-0403LOWInsufficient input validation in NETGEAR Orbi routersEPSS 0.3%CVE-2025-0658HIGHAutomated Logic and Carrier Zone Controllers malformed packets denial of serviceEPSS 0.3%CVE-2026-9969HIGHInsufficient validation of untrusted input in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary EPSS 0.3%CVE-2025-26489MEDIUMImproper input validation in Netconf service in Infinera MTC-9EPSS 0.3%CVE-2026-8527HIGHInsufficient validation of untrusted input in Downloads in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrEPSS 0.3%CVE-2025-0052HIGHFlashBlade DOS VulnerabilityEPSS 0.3%CVE-2026-7165CRITICALMultiple vulnerabilities in the Assassin game by GaudireEPSS 0.3%CVE-2025-29646HIGHAn issue in upf in open5gs 2.7.2 and earlier allows a remote attacker to cause a Denial of Service via a crafted PFCP SessionEstablishmentReEPSS 0.3%